本文整理匯總了PHP中AIOWPSecurity_Utility類的典型用法代碼示例。如果您正苦於以下問題:PHP AIOWPSecurity_Utility類的具體用法?PHP AIOWPSecurity_Utility怎麽用?PHP AIOWPSecurity_Utility使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。
在下文中一共展示了AIOWPSecurity_Utility類的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: check_user_exists
static function check_user_exists($username)
{
global $wpdb;
//if username is empty just return false
if ($username == '') {
return false;
}
//If multisite
if (AIOWPSecurity_Utility::is_multisite_install()) {
$blog_id = get_current_blog_id();
$admin_users = get_users('blog_id=' . $blog_id . 'orderby=login&role=administrator');
$acct_name_exists = false;
foreach ($admin_users as $user) {
if ($user->user_login == $username) {
$acct_name_exists = true;
break;
}
}
return $acct_name_exists;
}
//check users table
$user = $wpdb->get_var("SELECT user_login FROM `" . $wpdb->users . "` WHERE user_login='" . sanitize_text_field($username) . "';");
$userid = $wpdb->get_var("SELECT ID FROM `" . $wpdb->users . "` WHERE ID='" . sanitize_text_field($username) . "';");
if ($user == $username || $userid == $username) {
return true;
} else {
return false;
}
}示例2: prepare_items
function prepare_items()
{
//First, lets decide how many records per page to show
$per_page = 20;
$columns = $this->get_columns();
$hidden = array();
$sortable = $this->get_sortable_columns();
$this->_column_headers = array($columns, $hidden, $sortable);
//$this->process_bulk_action();
global $wpdb;
global $aio_wp_security;
$logged_in_users = AIOWPSecurity_Utility::is_multisite_install() ? get_site_transient('users_online') : get_transient('users_online');
if ($logged_in_users !== FALSE) {
foreach ($logged_in_users as $key => $val) {
$userdata = get_userdata($val['user_id']);
$username = $userdata->user_login;
$val['username'] = $username;
$logged_in_users[$key] = $val;
}
} else {
$logged_in_users = array();
//If no transient found set to empty array
}
$data = $logged_in_users;
$current_page = $this->get_pagenum();
$total_items = count($data);
$data = array_slice($data, ($current_page - 1) * $per_page, $per_page);
$this->items = $data;
$this->set_pagination_args(array('total_items' => $total_items, 'per_page' => $per_page, 'total_pages' => ceil($total_items / $per_page)));
}示例3: aiowps_validate_registration_with_captcha
function aiowps_validate_registration_with_captcha($errors, $sanitized_user_login, $user_email)
{
global $aio_wp_security;
$locked = $aio_wp_security->user_login_obj->check_locked_user();
if ($locked == null) {
//user is not locked continue
} else {
$errors->add('authentication_failed', __('<strong>ERROR</strong>: You are not allowed to register because your IP address is currently locked!', 'all-in-one-wp-security-and-firewall'));
return $errors;
}
if (array_key_exists('aiowps-captcha-answer', $_POST)) {
isset($_POST['aiowps-captcha-answer']) ? $captcha_answer = strip_tags(trim($_POST['aiowps-captcha-answer'])) : ($captcha_answer = '');
$captcha_secret_string = $aio_wp_security->configs->get_value('aiowps_captcha_secret_key');
$submitted_encoded_string = base64_encode($_POST['aiowps-captcha-temp-string'] . $captcha_secret_string . $captcha_answer);
$trans_handle = sanitize_text_field($_POST['aiowps-captcha-string-info']);
$captcha_string_info_trans = AIOWPSecurity_Utility::is_multisite_install() ? get_site_transient('aiowps_captcha_string_info_' . $trans_handle) : get_transient('aiowps_captcha_string_info_' . $trans_handle);
if ($submitted_encoded_string !== $captcha_string_info_trans) {
//This means a wrong answer was entered
//return new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Your answer was incorrect - please try again.', 'all-in-one-wp-security-and-firewall'));
$errors->add('authentication_failed', __('<strong>ERROR</strong>: Your answer was incorrect - please try again.', 'all-in-one-wp-security-and-firewall'));
return $errors;
}
}
return $errors;
}示例4: prepare_items
function prepare_items()
{
//First, lets decide how many records per page to show
$per_page = 20;
$columns = $this->get_columns();
$hidden = array();
$sortable = $this->get_sortable_columns();
$this->_column_headers = array($columns, $hidden, $sortable);
//$this->process_bulk_action();
global $wpdb;
global $aio_wp_security;
/* -- Ordering parameters -- */
//Parameters that are going to be used to order the result
$orderby = !empty($_GET["orderby"]) ? mysql_real_escape_string($_GET["orderby"]) : 'user_id';
$order = !empty($_GET["order"]) ? mysql_real_escape_string($_GET["order"]) : 'DESC';
$logged_in_users = AIOWPSecurity_Utility::is_multisite_install() ? get_site_transient('users_online') : get_transient('users_online');
foreach ($logged_in_users as $key => $val) {
$userdata = get_userdata($val['user_id']);
$username = $userdata->user_login;
$val['username'] = $username;
$logged_in_users[$key] = $val;
}
$data = $logged_in_users;
$current_page = $this->get_pagenum();
$total_items = count($data);
$data = array_slice($data, ($current_page - 1) * $per_page, $per_page);
$this->items = $data;
$this->set_pagination_args(array('total_items' => $total_items, 'per_page' => $per_page, 'total_pages' => ceil($total_items / $per_page)));
}示例5: generate_maths_question
function generate_maths_question()
{
global $aio_wp_security;
//For now we will only do plus, minus, multiplication
$equation_string = '';
$operator_type = array('+', '−', '×');
$operand_display = array('word', 'number');
//let's now generate an equation
$operator = $operator_type[rand(0, 2)];
if ($operator === '×') {
//Don't make the question too hard if multiplication
$first_digit = rand(1, 5);
$second_digit = rand(1, 5);
} else {
$first_digit = rand(1, 20);
$second_digit = rand(1, 20);
}
if ($operand_display[rand(0, 1)] == 'word') {
$first_operand = $this->number_word_mapping($first_digit);
} else {
$first_operand = $first_digit;
}
if ($operand_display[rand(0, 1)] == 'word') {
$second_operand = $this->number_word_mapping($second_digit);
} else {
$second_operand = $second_digit;
}
//Let's caluclate the result and construct the equation string
if ($operator === '+') {
//Addition
$result = $first_digit + $second_digit;
$equation_string .= $first_operand . ' ' . $operator . ' ' . $second_operand . ' = ';
} else {
if ($operator === '−') {
//Subtraction
//If we are going to be negative let's swap operands around
if ($first_digit < $second_digit) {
$equation_string .= $second_operand . ' ' . $operator . ' ' . $first_operand . ' = ';
$result = $second_digit - $first_digit;
} else {
$equation_string .= $first_operand . ' ' . $operator . ' ' . $second_operand . ' = ';
$result = $first_digit - $second_digit;
}
} elseif ($operator === '×') {
//Multiplication
$equation_string .= $first_operand . ' ' . $operator . ' ' . $second_operand . ' = ';
$result = $first_digit * $second_digit;
}
}
//Let's encode correct answer
$captcha_secret_string = $aio_wp_security->configs->get_value('aiowps_captcha_secret_key');
$current_time = time();
$enc_result = base64_encode($current_time . $captcha_secret_string . $result);
$random_str = AIOWPSecurity_Utility::generate_alpha_numeric_random_string(10);
AIOWPSecurity_Utility::is_multisite_install() ? set_site_transient('aiowps_captcha_string_info_' . $random_str, $enc_result, 30 * 60) : set_transient('aiowps_captcha_string_info_' . $random_str, $enc_result, 30 * 60);
$equation_string .= '<input type="hidden" name="aiowps-captcha-string-info" id="aiowps-captcha-string-info" value="' . $random_str . '" />';
$equation_string .= '<input type="hidden" name="aiowps-captcha-temp-string" id="aiowps-captcha-temp-string" value="' . $current_time . '" />';
$equation_string .= '<input type="text" size="2" id="aiowps-captcha-answer" name="aiowps-captcha-answer" value="" />';
return $equation_string;
}示例6: get_bulk_actions
function get_bulk_actions()
{
if (AIOWPSecurity_Utility::is_multisite_install() && get_current_blog_id() != 1) {
//Suppress the block link if site is a multi site AND not the main site
$actions = array();
//blank array
} else {
$actions = array('block' => 'Block');
}
return $actions;
}示例7: prepare_items
function prepare_items()
{
/**
* First, lets decide how many records per page to show
*/
$per_page = 20;
$columns = $this->get_columns();
$hidden = array();
$sortable = $this->get_sortable_columns();
$this->_column_headers = array($columns, $hidden, $sortable);
$this->process_bulk_action();
global $wpdb;
$failed_logins_table_name = AIOWPSEC_TBL_FAILED_LOGINS;
/* -- Ordering parameters -- */
//Parameters that are going to be used to order the result
isset($_GET["orderby"]) ? $orderby = strip_tags($_GET["orderby"]) : ($orderby = '');
isset($_GET["order"]) ? $order = strip_tags($_GET["order"]) : ($order = '');
$orderby = !empty($orderby) ? esc_sql($orderby) : 'failed_login_date';
$order = !empty($order) ? esc_sql($order) : 'DESC';
$orderby = AIOWPSecurity_Utility::sanitize_value_by_array($orderby, $sortable);
$order = AIOWPSecurity_Utility::sanitize_value_by_array($order, array('DESC' => '1', 'ASC' => '1'));
$data = $wpdb->get_results($wpdb->prepare("SELECT * FROM {$failed_logins_table_name} WHERE id > %d ORDER BY {$orderby} {$order}", -1), ARRAY_A);
//Note: had to deliberately introduce WHERE clause because you need at least 2 arguments in prepare statement. Cannot use order/orderby
$current_page = $this->get_pagenum();
$total_items = count($data);
$data = array_slice($data, ($current_page - 1) * $per_page, $per_page);
$this->items = $data;
$this->set_pagination_args(array('total_items' => $total_items, 'per_page' => $per_page, 'total_pages' => ceil($total_items / $per_page)));
}示例8: render_tab1
//.........這裏部分代碼省略.........
?>
</div></div>
</div><!-- aiowps_dashboard_box -->
<?php
}
//End if statement for Rename Login box
if ($aio_wp_security->configs->get_value('aiowps_enable_automated_fcd_scan') == '1') {
echo '<div class="aiowps_dashboard_box_small">';
echo '<div class="postbox">';
echo '<h3><label for="title">File Change Detection</label></h3>';
echo '<div class="inside">';
if ($aio_wp_security->configs->get_value('aiowps_fcds_change_detected')) {
echo '<div class="aio_red_box aio_padding_10">File change detected!</div>';
echo '<p>Please review the changes from the <a href="admin.php?page=' . AIOWPSEC_FILESCAN_MENU_SLUG . '">scanner menu</a></p>';
} else {
echo '<div class="aio_green_box aio_padding_10">No recent file changes detected.</div>';
}
echo '</div></div>';
echo '</div>';
//<!-- aiowps_dashboard_box -->
}
//End if statement for automated scan box
?>
<div class="aiowps_dashboard_box_small">
<div class="postbox">
<h3><label for="title"><?php
_e('Logged In Users', 'aiowpsecurity');
?>
</label></h3>
<div class="inside">
<?php
$users_online_link = '<a href="admin.php?page=' . AIOWPSEC_USER_LOGIN_MENU_SLUG . '&tab=tab5">Logged In Users</a>';
if (AIOWPSecurity_Utility::is_multisite_install()) {
$logged_in_users = get_site_transient('users_online');
$num_users = count($logged_in_users);
if ($num_users > 1) {
echo '<div class="aio_red_box"><p>' . __('Number of users currently logged in site-wide is:', 'aiowpsecurity') . ' <strong>' . $num_users . '</strong></p>';
$info_msg = '<p>' . sprintf(__('Go to the %s menu to see more details', 'aiowpsecurity'), $users_online_link) . '</p>';
echo $info_msg . '</div>';
} else {
echo '<div class="aio_green_box"><p>' . __('There are no other site-wide users currently logged in.', 'aiowpsecurity') . '</p></div>';
}
} else {
$logged_in_users = get_transient('users_online');
if ($logged_in_users === false || $logged_in_users == NULL) {
$num_users = 0;
} else {
$num_users = count($logged_in_users);
}
if ($num_users > 1) {
echo '<div class="aio_red_box"><p>' . __('Number of users currently logged into your site (including you) is:', 'aiowpsecurity') . ' <strong>' . $num_users . '</strong></p>';
$info_msg = '<p>' . sprintf(__('Go to the %s menu to see more details', 'aiowpsecurity'), $users_online_link) . '</p>';
echo $info_msg . '</div>';
} else {
echo '<div class="aio_green_box"><p>' . __('There are no other users currently logged in.', 'aiowpsecurity') . '</p></div>';
}
}
?>
</div></div>
</div><!-- aiowps_dashboard_box -->
<div class="aiowps_dashboard_box_small">
<div class="postbox">
<h3><label for="title"><?php
_e('Locked IP Addresses', 'aiowpsecurity');示例9: render_tab2
function render_tab2()
{
global $aio_wp_security;
global $aiowps_feature_mgr;
if (isset($_POST['aiowpsec_save_registration_captcha_settings'])) {
$error = '';
$nonce = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce, 'aiowpsec-registration-captcha-settings-nonce')) {
$aio_wp_security->debug_logger->log_debug("Nonce check failed on registration captcha settings save!", 4);
die("Nonce check failed on registration captcha settings save!");
}
//Save all the form values to the options
$random_20_digit_string = AIOWPSecurity_Utility::generate_alpha_numeric_random_string(20);
//Generate random 20 char string for use during captcha encode/decode
$aio_wp_security->configs->set_value('aiowps_captcha_secret_key', $random_20_digit_string);
$aio_wp_security->configs->set_value('aiowps_enable_registration_page_captcha', isset($_POST["aiowps_enable_registration_page_captcha"]) ? '1' : '');
$aio_wp_security->configs->save_config();
//Recalculate points after the feature status/options have been altered
$aiowps_feature_mgr->check_feature_status_and_recalculate_points();
$this->show_msg_settings_updated();
}
?>
<div class="aio_blue_box">
<?php
echo '<p>' . __('This feature allows you to add a captcha form on the WordPress registration page.', 'all-in-one-wp-security-and-firewall') . '
<br />' . __('Users who attempt to register will also need to enter the answer to a simple mathematical question - if they enter the wrong answer, the plugin will not allow them to register.', 'all-in-one-wp-security-and-firewall') . '
<br />' . __('Therefore, adding a captcha form on the registration page is another effective yet simple SPAM registration prevention technique.', 'all-in-one-wp-security-and-firewall') . '
</p>';
?>
</div>
<div class="postbox">
<h3><label for="title"><?php
_e('Registration Page Captcha Settings', 'all-in-one-wp-security-and-firewall');
?>
</label></h3>
<div class="inside">
<?php
if (AIOWPSecurity_Utility::is_multisite_install() && get_current_blog_id() != 1) {
//Hide config settings if MS and not main site
$special_msg = '<div class="aio_yellow_box">';
$special_msg .= '<p>' . __('The core default behaviour for WordPress Multi Site regarding user registration is that all users are registered via the main site.', 'all-in-one-wp-security-and-firewall') . '</p>';
$special_msg .= '<p>' . __('Therefore, if you would like to add a captcha form to the registration page for a Multi Site, please go to "Registration Captcha" settings on the main site.', 'all-in-one-wp-security-and-firewall') . '</p>';
$special_msg .= '</div>';
echo $special_msg;
} else {
//Display security info badge
global $aiowps_feature_mgr;
$aiowps_feature_mgr->output_feature_details_badge("user-registration-captcha");
?>
<form action="" method="POST">
<?php
wp_nonce_field('aiowpsec-registration-captcha-settings-nonce');
?>
<table class="form-table">
<tr valign="top">
<th scope="row"><?php
_e('Enable Captcha On Registration Page', 'all-in-one-wp-security-and-firewall');
?>
:</th>
<td>
<input name="aiowps_enable_registration_page_captcha" type="checkbox"<?php
if ($aio_wp_security->configs->get_value('aiowps_enable_registration_page_captcha') == '1') {
echo ' checked="checked"';
}
?>
value="1"/>
<span class="description"><?php
_e('Check this if you want to insert a captcha form on the WordPress user registration page (if you allow user registration).', 'all-in-one-wp-security-and-firewall');
?>
</span>
</td>
</tr>
</table>
<input type="submit" name="aiowpsec_save_registration_captcha_settings" value="<?php
_e('Save Settings', 'all-in-one-wp-security-and-firewall');
?>
" class="button-primary" />
</form>
</div></div>
<?php
}
}示例10: add_option_values
static function add_option_values()
{
global $aio_wp_security;
$blog_email_address = get_bloginfo('admin_email');
//Get the blog admin email address - we will use as the default value
//WP Generator Meta Tag feature
$aio_wp_security->configs->add_value('aiowps_remove_wp_generator_meta_info', '');
//Checkbox
//Prevent Image Hotlinks
$aio_wp_security->configs->add_value('aiowps_prevent_hotlinking', '');
//Checkbox
//General Settings Page
//User password feature
//Lockdown feature
$aio_wp_security->configs->add_value('aiowps_enable_login_lockdown', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_allow_unlock_requests', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_max_login_attempts', '3');
$aio_wp_security->configs->add_value('aiowps_retry_time_period', '5');
$aio_wp_security->configs->add_value('aiowps_lockout_time_length', '60');
$aio_wp_security->configs->add_value('aiowps_set_generic_login_msg', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_enable_email_notify', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_email_address', $blog_email_address);
//text field
$aio_wp_security->configs->add_value('aiowps_enable_forced_logout', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_logout_time_period', '60');
$aio_wp_security->configs->add_value('aiowps_enable_invalid_username_lockdown', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_unlock_request_secret_key', AIOWPSecurity_Utility::generate_alpha_numeric_random_string(20));
//Hidden secret value which will be used to do some unlock request processing. This will be assigned a random string generated when lockdown settings saved
//Login Whitelist feature
$aio_wp_security->configs->add_value('aiowps_enable_whitelisting', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_allowed_ip_addresses', '');
//Captcha feature
$aio_wp_security->configs->add_value('aiowps_enable_login_captcha', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_captcha_secret_key', AIOWPSecurity_Utility::generate_alpha_numeric_random_string(20));
//Hidden secret value which will be used to do some captcha processing. This will be assigned a random string generated when captcha settings saved
//User registration
$aio_wp_security->configs->add_value('aiowps_enable_manual_registration_approval', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_enable_registration_page_captcha', '');
//Checkbox
//DB Security feature
//$aio_wp_security->configs->add_value('aiowps_new_manual_db_pefix',''); //text field
$aio_wp_security->configs->add_value('aiowps_enable_random_prefix', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_enable_automated_backups', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_db_backup_frequency', '4');
$aio_wp_security->configs->add_value('aiowps_db_backup_interval', '2');
//Dropdown box where (0,1,2) => (hours,days,weeks)
$aio_wp_security->configs->add_value('aiowps_backup_files_stored', '2');
$aio_wp_security->configs->add_value('aiowps_send_backup_email_address', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_backup_email_address', $blog_email_address);
//Filesystem Security feature
$aio_wp_security->configs->add_value('aiowps_disable_file_editing', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_prevent_default_wp_file_access', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_system_log_file', 'error_log');
//Blacklist feature
$aio_wp_security->configs->add_value('aiowps_enable_blacklisting', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_banned_ip_addresses', '');
//Firewall features
$aio_wp_security->configs->add_value('aiowps_enable_basic_firewall', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_enable_pingback_firewall', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_disable_index_views', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_disable_trace_and_track', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_forbid_proxy_comments', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_deny_bad_query_strings', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_advanced_char_string_filter', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_enable_5g_firewall', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_enable_brute_force_attack_prevention', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_brute_force_secret_word', '');
$aio_wp_security->configs->add_value('aiowps_cookie_based_brute_force_redirect_url', 'http://127.0.0.1');
$aio_wp_security->configs->add_value('aiowps_brute_force_attack_prevention_pw_protected_exception', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_brute_force_attack_prevention_ajax_exception', '');
//Checkbox
//404 detection
$aio_wp_security->configs->add_value('aiowps_enable_404_logging', '');
//Checkbox
$aio_wp_security->configs->add_value('aiowps_enable_404_IP_lockout', '');
//.........這裏部分代碼省略.........
示例11: do_additional_plugins_loaded_tasks
function do_additional_plugins_loaded_tasks()
{
if (isset($_GET['aiowpsec_do_log_out'])) {
wp_logout();
if (isset($_GET['after_logout'])) {
$after_logout_url = esc_url($_GET['after_logout']);
AIOWPSecurity_Utility::redirect_to_url($after_logout_url);
}
if (isset($_GET['al_additional_data'])) {
$payload = strip_tags($_GET['al_additional_data']);
$decoded_payload = base64_decode($payload);
parse_str($decoded_payload);
if (!empty($redirect_to)) {
$login_url = AIOWPSecurity_Utility::add_query_data_to_url(wp_login_url(), 'redirect_to', $redirect_to);
}
if (!empty($msg)) {
$login_url .= '&' . $msg;
}
if (!empty($login_url)) {
AIOWPSecurity_Utility::redirect_to_url($login_url);
}
}
}
}示例12: render_tab5
function render_tab5()
{
$logged_in_users = AIOWPSecurity_Utility::is_multisite_install() ? get_site_transient('users_online') : get_transient('users_online');
global $aio_wp_security;
include_once 'wp-security-list-logged-in-users.php';
//For rendering the AIOWPSecurity_List_Table
$user_list = new AIOWPSecurity_List_Logged_In_Users();
if (isset($_REQUEST['action'])) {
if ($_REQUEST['action'] == 'force_user_logout') {
//Force Logout link was clicked for a row in list table
$user_list->force_user_logout(strip_tags($_REQUEST['logged_in_id']), strip_tags($_REQUEST['ip_address']));
}
}
if (isset($_POST['aiowps_refresh_logged_in_user_list'])) {
$nonce = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce, 'aiowpsec-logged-in-users-nonce')) {
$aio_wp_security->debug_logger->log_debug("Nonce check failed for users logged in list!", 4);
die(__('Nonce check failed for users logged in list!', 'all-in-one-wp-security-and-firewall'));
}
$user_list->prepare_items();
}
?>
<div class="postbox">
<h3><label for="title"><?php
_e('Refresh Logged In User Data', 'all-in-one-wp-security-and-firewall');
?>
</label></h3>
<div class="inside">
<form action="" method="POST">
<?php
wp_nonce_field('aiowpsec-logged-in-users-nonce');
?>
<input type="submit" name="aiowps_refresh_logged_in_user_list" value="<?php
_e('Refresh Data', 'all-in-one-wp-security-and-firewall');
?>
" class="button-primary" />
</form>
</div></div>
<div class="aio_blue_box">
<?php
echo '<p>' . __('This tab displays all users who are currently logged into your site.', 'all-in-one-wp-security-and-firewall') . '
<br />' . __('If you suspect there is a user or users who are logged in which should not be, you can block them by inspecting the IP addresses from the data below and adding them to your blacklist.', 'all-in-one-wp-security-and-firewall') . '
<br />' . __('You can also instantly log them out by clicking on the "Force Logout" link when you hover over the row in the User Id column.', 'all-in-one-wp-security-and-firewall') . '
</p>';
?>
</div>
<div class="postbox">
<h3><label for="title"><?php
_e('Currently Logged In Users', 'all-in-one-wp-security-and-firewall');
?>
</label></h3>
<div class="inside">
<?php
//Fetch, prepare, sort, and filter our data...
$user_list->prepare_items();
//echo "put table of locked entries here";
?>
<form id="tables-filter" method="get" onSubmit="return confirm('Are you sure you want to perform this bulk operation on the selected entries?');">
<!-- For plugins, we also need to ensure that the form posts back to our current page -->
<input type="hidden" name="page" value="<?php
echo esc_attr($_REQUEST['page']);
?>
" />
<input type="hidden" name="tab" value="<?php
echo esc_attr($_REQUEST['tab']);
?>
" />
<!-- Now we can render the completed list table -->
<?php
$user_list->display();
?>
</form>
</div></div>
<?php
}示例13: change_db_prefix
function change_db_prefix($table_old_prefix, $table_new_prefix)
{
global $wpdb, $aio_wp_security;
$old_prefix_length = strlen($table_old_prefix);
$error = 0;
//Config file path
$config_file = AIOWPSecurity_Utility_File::get_wp_config_file_path();
//Get the table resource
//$result = mysql_list_tables(DB_NAME);
$result = $this->get_mysql_tables(DB_NAME);
//Fix for deprecated php mysql_list_tables function
//Count the number of tables
if (is_array($result) && count($result) > 0) {
$num_rows = count($result);
} else {
echo '<div class="aio_red_box"><p>' . __('Error - Could not get tables or no tables found!', 'all-in-one-wp-security-and-firewall') . '</p></div>';
return;
}
$table_count = 0;
$info_msg_string = '<p class="aio_info_with_icon">' . __('Starting DB prefix change operations.....', 'all-in-one-wp-security-and-firewall') . '</p>';
$info_msg_string .= '<p class="aio_info_with_icon">' . sprintf(__('Your WordPress system has a total of %s tables and your new DB prefix will be: %s', 'all-in-one-wp-security-and-firewall'), '<strong>' . $num_rows . '</strong>', '<strong>' . $table_new_prefix . '</strong>') . '</p>';
echo $info_msg_string;
//Do a back of the config file
if (!AIOWPSecurity_Utility_File::backup_and_rename_wp_config($config_file)) {
echo '<div class="aio_red_box"><p>' . __('Failed to make a backup of the wp-config.php file. This operation will not go ahead.', 'all-in-one-wp-security-and-firewall') . '</p></div>';
return;
} else {
echo '<p class="aio_success_with_icon">' . __('A backup copy of your wp-config.php file was created successfully!', 'all-in-one-wp-security-and-firewall') . '</p>';
}
//Get multisite blog_ids if applicable
if (AIOWPSecurity_Utility::is_multisite_install()) {
$blog_ids = AIOWPSecurity_Utility::get_blog_ids();
}
//Rename all the table names
foreach ($result as $db_table) {
//Get table name with old prefix
$table_old_name = $db_table;
if (strpos($table_old_name, $table_old_prefix) === 0) {
//Get table name with new prefix
$table_new_name = $table_new_prefix . substr($table_old_name, $old_prefix_length);
//Write query to rename tables name
$sql = "RENAME TABLE `" . $table_old_name . "` TO `" . $table_new_name . "`";
//$sql = "RENAME TABLE %s TO %s";
//Execute the query
if (false === $wpdb->query($sql)) {
$error = 1;
echo '<p class="aio_error_with_icon">' . sprintf(__('%s table name update failed', 'all-in-one-wp-security-and-firewall'), '<strong>' . $table_old_name . '</strong>') . '</p>';
$aio_wp_security->debug_logger->log_debug("DB Security Feature - Unable to change prefix of table " . $table_old_name, 4);
} else {
$table_count++;
}
} else {
continue;
}
}
if ($error == 1) {
echo '<p class="aio_error_with_icon">' . sprintf(__('Please change the prefix manually for the above tables to: %s', 'all-in-one-wp-security-and-firewall'), '<strong>' . $table_new_prefix . '</strong>') . '</p>';
} else {
echo '<p class="aio_success_with_icon">' . sprintf(__('%s tables had their prefix updated successfully!', 'all-in-one-wp-security-and-firewall'), '<strong>' . $table_count . '</strong>') . '</p>';
}
//Get wp-config.php file contents and modify it with new info
$config_contents = file($config_file);
$prefix_match_string = '$table_prefix=';
//this is our search string for the wp-config.php file
foreach ($config_contents as $line_num => $line) {
$no_ws_line = preg_replace('/\\s+/', '', $line);
//Strip white spaces
if (strpos($no_ws_line, $prefix_match_string) !== FALSE) {
$config_contents[$line_num] = str_replace($table_old_prefix, $table_new_prefix, $line);
break;
}
}
//Now let's modify the wp-config.php file
if (AIOWPSecurity_Utility_File::write_content_to_file($config_file, $config_contents)) {
echo '<p class="aio_success_with_icon">' . __('wp-config.php file was updated successfully!', 'all-in-one-wp-security-and-firewall') . '</p>';
} else {
echo '<p class="aio_error_with_icon">' . sprintf(__('The "wp-config.php" file was not able to be modified. Please modify this file manually using your favourite editor and search
for variable "$table_prefix" and assign the following value to that variable: %s', 'all-in-one-wp-security-and-firewall'), '<strong>' . $table_new_prefix . '</strong>') . '</p>';
$aio_wp_security->debug_logger->log_debug("DB Security Feature - Unable to modify wp-config.php", 4);
}
//Now let's update the options table
$update_option_table_query = "UPDATE " . $table_new_prefix . "options \r\r\n SET option_name = '" . $table_new_prefix . "user_roles' \r\r\n WHERE option_name = '" . $table_old_prefix . "user_roles' \r\r\n LIMIT 1";
if (false === $wpdb->query($update_option_table_query)) {
echo '<p class="aio_error_with_icon">' . sprintf(__('Update of table %s failed: unable to change %s to %s', 'all-in-one-wp-security-and-firewall'), $table_new_prefix . 'options', $table_old_prefix . 'user_roles', $table_new_prefix . 'user_roles') . '</p>';
$aio_wp_security->debug_logger->log_debug("DB Security Feature - Error when updating the options table", 4);
//Log the highly unlikely event of DB error
} else {
echo '<p class="aio_success_with_icon">' . sprintf(__('The options table records which had references to the old DB prefix were updated successfully!', 'all-in-one-wp-security-and-firewall')) . '</p>';
}
//Now let's update the options tables for the multisite subsites if applicable
if (AIOWPSecurity_Utility::is_multisite_install()) {
if (!empty($blog_ids)) {
foreach ($blog_ids as $blog_id) {
if ($blog_id == 1) {
continue;
}
//skip main site
$new_pref_and_site_id = $table_new_prefix . $blog_id . '_';
$old_pref_and_site_id = $table_old_prefix . $blog_id . '_';
$update_ms_option_table_query = "UPDATE " . $new_pref_and_site_id . "options\r\r\n SET option_name = '" . $new_pref_and_site_id . "user_roles'\r\r\n WHERE option_name = '" . $old_pref_and_site_id . "user_roles'\r\r\n LIMIT 1";
//.........這裏部分代碼省略.........
示例14: do_additional_plugins_loaded_tasks
function do_additional_plugins_loaded_tasks()
{
global $aio_wp_security;
if (isset($_GET['aiowpsec_do_log_out'])) {
wp_logout();
if (isset($_GET['after_logout'])) {
$after_logout_url = esc_url($_GET['after_logout']);
AIOWPSecurity_Utility::redirect_to_url($after_logout_url);
}
$additional_data = strip_tags($_GET['al_additional_data']);
if (isset($additional_data)) {
$login_url = '';
//Check if rename login feature enabled
if ($aio_wp_security->configs->get_value('aiowps_enable_rename_login_page') == '1') {
if (get_option('permalink_structure')) {
$home_url = trailingslashit(home_url());
} else {
$home_url = trailingslashit(home_url()) . '?';
}
$login_url = $home_url . $aio_wp_security->configs->get_value('aiowps_login_page_slug');
} else {
$login_url = wp_login_url();
}
//Inspect the payload and do redirect to login page with a msg and redirect url
$logout_payload = AIOWPSecurity_Utility::is_multisite_install() ? get_site_transient('aiowps_logout_payload') : get_transient('aiowps_logout_payload');
if (!empty($logout_payload['redirect_to'])) {
$login_url = AIOWPSecurity_Utility::add_query_data_to_url($login_url, 'redirect_to', $logout_payload['redirect_to']);
}
if (!empty($logout_payload['msg'])) {
$login_url .= '&' . $logout_payload['msg'];
}
if (!empty($login_url)) {
AIOWPSecurity_Utility::redirect_to_url($login_url);
}
}
}
}示例15: validate_change_username_form
function validate_change_username_form()
{
global $wpdb;
global $aio_wp_security;
$errors = '';
$nonce = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce, 'aiowpsec-change-admin-nonce')) {
$aio_wp_security->debug_logger->log_debug("Nonce check failed on admin username change operation!", 4);
die(__('Nonce check failed on admin username change operation!', 'aiowpsecurity'));
}
if (!empty($_POST['aiowps_new_user_name'])) {
$new_username = sanitize_text_field($_POST['aiowps_new_user_name']);
if (validate_username($new_username)) {
if (AIOWPSecurity_Utility::check_user_exists($new_username)) {
$errors .= __('Username ', 'aiowpsecurity') . $new_username . __(' already exists. Please enter another value. ', 'aiowpsecurity');
} else {
//let's check if currently logged in username is 'admin'
global $user_login;
get_currentuserinfo();
if (strtolower($user_login) == 'admin') {
$username_is_admin = TRUE;
} else {
$username_is_admin = FALSE;
}
//Now let's change the username
$result = $wpdb->query("UPDATE `" . $wpdb->users . "` SET user_login = '" . esc_sql($new_username) . "' WHERE user_login='admin';");
if (!$result) {
//There was an error updating the users table
$user_update_error = __('The database update operation of the user account failed!', 'aiowpsecurity');
//TODO## - add error logging here
$return_msg = '<div id="message" class="updated fade"><p>' . $user_update_error . '</p></div>';
return $return_msg;
}
//multisite considerations
if (AIOWPSecurity_Utility::is_multisite_install()) {
//process sitemeta if we're in a multi-site situation
$oldAdmins = $wpdb->get_var("SELECT meta_value FROM `" . $wpdb->sitemeta . "` WHERE meta_key = 'site_admins'");
$newAdmins = str_replace('5:"admin"', strlen($new_username) . ':"' . esc_sql($new_username) . '"', $oldAdmins);
$wpdb->query("UPDATE `" . $wpdb->sitemeta . "` SET meta_value = '" . esc_sql($newAdmins) . "' WHERE meta_key = 'site_admins'");
}
//If user is logged in with username "admin" then log user out and send to login page so they can login again
if ($username_is_admin) {
//Lets logout the user
$aio_wp_security->debug_logger->log_debug("Logging User Out with login " . $user_login . " because they changed their username.");
$after_logout_url = AIOWPSecurity_Utility::get_current_page_url();
$after_logout_payload = 'redirect_to=' . $after_logout_url . '&msg=' . $aio_wp_security->user_login_obj->key_login_msg . '=admin_user_changed';
//Place the handle for the login screen message in the URL
$encrypted_payload = base64_encode($after_logout_payload);
$logout_url = AIOWPSEC_WP_URL . '?aiowpsec_do_log_out=1';
$logout_url = AIOWPSecurity_Utility::add_query_data_to_url($logout_url, 'al_additional_data', $encrypted_payload);
AIOWPSecurity_Utility::redirect_to_url($logout_url);
}
}
} else {
//An invalid username was entered
$errors .= __('You entered an invalid username. Please enter another value. ', 'aiowpsecurity');
}
} else {
//No username value was entered
$errors .= __('Please enter a value for your username. ', 'aiowpsecurity');
}
if (strlen($errors) > 0) {
//We have some validation or other error
$return_msg = '<div id="message" class="error"><p>' . $errors . '</p></div>';
} else {
$return_msg = '<div id="message" class="updated fade"><p>' . __('Username Successfully Changed!', 'aiowpsecurity') . '</p></div>';
}
return $return_msg;
}